OTHER INFORMATION SECURITY BOOKS FROM AUERBACH
A Practical Guide to Security Assessments
Sudhanshu Kairab
ISBN 978-0-8493-1706-4
Adaptive Security Management Architecture
James S. Tiller
ISBN 978-0-8493-7052-6
Assessing and Managing Security Risk in IT
Systems: A Structured Methodology
John McCumber
ISBN 978-0-8493-2232-7
Asset Protection through Security
Awareness
Tyler Justin Speed
ISBN 978-1-4398-0982-2
Cyber Security Essentials
James Graham and Ryan Olson, Editors
ISBN 978-1-4398-5123-4
Data Mining and Machine Learning in
Cybersecurity
Sumeet Dua and Xian Du
ISBN 978-1-4398-3942-3
Defense against the Black Arts: How
Hackers Do What They Do and How to
Protect against It
Jesse Varsalone and Matthew McFadden
ISBN 978-1-4398-2119-0
Publication Date: September 09, 2011
FISMA Principles and Best Practices:
Beyond Compliance
Patrick D. Howard
ISBN 978-1-4200-7829-9
Information Security Risk Analysis, Third
Edition
Thomas R. Peltier
ISBN 978-1-4398-3956-0
Information Technology Control and Audit,
Third Edition
Frederick Gallegos and Sandra Senft
ISBN 978-1-4200-6550-3
Introduction to Security and Network
Forensics
William J. Buchanan
ISBN 978-0-8493-3568-6
Machine Learning Forensics for Law
Enforcement, Security, and Intelligence
Jesus Mena
ISBN 978-1-4398-6069-4
Managing an Information Security and
Privacy Awareness and Training Program,
Second Edition
Rebecca Herold
ISBN 978-1-4398-1545-8
Mobile Device Security: A Comprehensive
Guide to Securing Your Information in a
Moving World
Stephen Fried
ISBN 978-1-4398-2016-2
Practical Risk Management for the CIO
Mark Scherling
ISBN 978-1-4398-5653-6
Secure and Resilient Software:
Requirements, Test Cases, and Testing
Methods
Mark S. Merkow
ISBN 978-1-4398-6621-4
Secure Java: For Web Application
Development
Abhay Bhargav and B. V. Kumar
ISBN 978-1-4398-2351-4
Secure Semantic Service-Oriented Systems
Bhavani Thuraisingham
ISBN 978-1-4200-7331-7
The Security Risk Assessment Handbook:
A Complete Guide for Performing Security
Risk Assessments, Second Edition
Douglas Landoll
ISBN 978-1-4398-2148-0
Security of Mobile Communications
Noureddine Boudriga
ISBN 978-0-8493-7941-3
Security Patch Management
Felicia Nicastro
ISBN 978-1-4398-2499-3
Security Strategy: From Requirements to
Reality
Bill Stackpole and Eric Oksendahl
ISBN 978-1-4398-2733-8
AUERBACH PUBLICATIONS
www.auerbach-publications.com
To Order Call: 1-800-272-7737 Fax: 1-800-374-3401
E-mail:
Information Security
Management Handbook
Sixth Edition
Volume 5
Edited by
Harold F. Tipton, CISSP Micki Krause Nozaki, CISSP
CRC Press
Taylor & Francis Group
6000 Broken Sound Parkway NW, Suite 300
Boca Raton, FL 33487-2742
2012 by Taylor & Francis Group, LLC
CRC Press is an imprint of Taylor & Francis Group, an Informa business
No claim to original U.S. Government works
Version Date: 20111021
International Standard Book Number-13: 978-1-4665-0850-7 (eBook - ePub)
This book contains information obtained from authentic and highly regarded sources. Reasonable efforts have been made to publish reliable data and information, but the author and publisher cannot assume responsibility for the validity of all materials or the consequences of their use. The authors and publishers have attempted to trace the copyright holders of all material reproduced in this publication and apologize to copyright holders if permission to publish in this form has not been obtained. If any copyright material has not been acknowledged please write and let us know so we may rectify in any future reprint.
Except as permitted under U.S. Copyright Law, no part of this book may be reprinted, reproduced, transmitted, or utilized in any form by any electronic, mechanical, or other means, now known or hereafter invented, including photocopying, microfilming, and recording, or in any information storage or retrieval system, without written permission from the publishers.
For permission to photocopy or use material electronically from this work, please access www.copyright.com (http://www.copyright.com/) or contact the Copyright Clearance Center, Inc. (CCC), 222 Rosewood Drive, Danvers, MA 01923, 978-750-8400. CCC is a not-for-profit organization that provides licenses and registration for a variety of users. For organizations that have been granted a photocopy license by the CCC, a separate system of payment has been arranged.
Trademark Notice: Product or corporate names may be trademarks or registered trademarks, and are used only for identification and explanation without intent to infringe.
Visit the Taylor & Francis Web site at
http://www.taylorandfrancis.com
and the CRC Press Web site at
http://www.crcpress.com
Contents
DOMAIN 1: ACCESS CONTROL
Access Control Techniques
ROB SHEIN
SANDY BACIK
SALAHUDDIN KAMRAN
GEORGES J. JAHCHAN
SALAHUDDIN KAMRAN
DOMAIN 2: TELECOMMUNICATIONS AND NETWORK SECURITY
Communications and Network Security
DAVID OBERRY
FOSTER HENDERSON
E. EUGENE SCHULTZ AND EDWARD RAY
DOMAIN 3: INFORMATION SECURITY AND RISK MANAGEMENT
Security Management Concepts and Principles
REBECCA HEROLD
ROBERT PITTMAN
TODD FITZGERALD
SANDY BACIK
ROBERT M. SLADE
CHRIS HARE
ANNE SHULTZ
JAMES C. MURPHY
CHRIS HARE
SANDY BACIK
CHRIS HARE
PRADNYESH RANE
PEDRO PERIS-LOPEZ, JULIO CESAR HERNANDEZ-CASTRO, JUAN M. ESTEVEZ-TAPIADOR, AND ARTURO RIBAGORDA
DOMAIN 5: CRYPTOGRAPHY